Here is a quote from the web2py docs:
"Making a secure connection
Sometimes it is necessary (and advised) to connect to your database using
secure connection, especially if your database is not on the same server as
your application. In this case you need to pass additional parameters to
the database driver. You should refer to database driver documentation for
details.
For PostgreSQL with psycopg2 it should look like this:
DAL('postgres://user_name:user_password@server_addr/db_name',
driver_args={'sslmode': 'require', 'sslrootcert': 'root.crt',
'sslcert': 'postgresql.crt', 'sslkey': 'postgresql.key'})"
<<END QUOTE>>
I am wondering if this feature is still necessary for a secure db
connection in case I anyway use SSL for the site.
Does this secure postgres feature need to be used on top of existing SSL
connection? Or it's rather for non-ssl site to make a db connection secure?
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/web2py/80a95bc2-94d3-49b0-af02-9f9681b7651e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
